Data Confidentiality Protection Domain Specialist - GRC

Role : Data Confidentiality Protection Domain Specialist

We are seeking a highly experienced and dedicated Data Confidentiality Protection Domain Specialist to join our team in Pune. This is a critical leadership role for an individual with a minimum of 12 years of experience in cybersecurity, data protection, and IT management. The ideal candidate will be a strategic thinker with a proven track record of implementing robust data confidentiality frameworks and leading high-performing teams.

Responsibilities :

- Strategic Leadership : Develop, implement, and manage comprehensive data confidentiality strategies and programs aligned with industry best practices and regulatory requirements.

- Team Management : Lead and mentor a team of cybersecurity and data protection professionals, fostering a culture of excellence, continuous improvement, and collaboration.

- Risk Management : Identify, assess, and mitigate data confidentiality risks across the organization's IT landscape, including cloud environments.

- Governance, Risk, and Compliance (GRC) : Establish and maintain GRC frameworks for data protection, ensuring adherence to internal policies, external regulations (e.g., GDPR, CCPA), and industry standards.

- Security Architecture & Implementation : Design, implement, and maintain secure architectures for data confidentiality, with a strong focus on cloud security, particularly Azure.

- Cloud Security Expertise : Oversee the security of Azure environments, including Azure Kubernetes Service (AKS), ensuring secure configurations, access controls, and data encryption.

- Container Security : Implement and manage security measures for containerized applications using technologies like Docker and Kubernetes.

- Monitoring & Incident Response : Establish and manage robust monitoring systems (e.g., Prometheus, Grafana, Azure Monitor) to detect and respond to data confidentiality incidents effectively.

- Database Security : Ensure the security of various database systems, including MongoDB, through appropriate access controls, encryption, and auditing.

- Linux System Administration : Provide expert guidance on securing Linux-based systems.

- Site Reliability Engineering (SRE) : Apply SRE principles to enhance the reliability, availability, and security of data protection systems.

- Automation : Drive the automation of security processes and controls through scripting and other automation services.

- Cybersecurity Best Practices : Promote and enforce cybersecurity best practices throughout the organization.

Mandatory Skills :

- Cybersecurity : Extensive knowledge and practical experience in various domains of cybersecurity.

- Data Protection : Deep expertise in data confidentiality principles, technologies, and regulatory requirements.

- IT Management : Proven ability to manage complex IT environments and initiatives.

- People Management : Strong leadership and team management skills, with experience in building and developing high-performing teams.

- GRC (Governance, Risk, and Compliance) : Solid understanding and experience in implementing and managing GRC frameworks.

- CISSP (Certified Information Systems Security Professional) : This certification is highly valued for this role.

- CISA (Certified Information Systems Auditor) : This certification is highly valued for this role.

Essential Skills :

- Cloud Security (specifically Azure) : In-depth knowledge of Azure security services, best practices, and architecture.

- Experience with AKS (Azure Kubernetes Service) : Hands-on experience securing and managing AKS environments.

- Containerization Technologies (e.g., Docker, Kubernetes) : Proficient in securing containerized applications.

- Monitoring Systems (e.g., Prometheus, Grafana, Azure Monitor) : Experience in setting up and utilizing these tools for security monitoring.

- Database Management (e.g., MongoDB) : Knowledge of database security principles and practical experience with various database systems.

- Linux System Administration : Strong proficiency in Linux operating systems and security hardening.

- Cybersecurity Best Practices : Comprehensive understanding and application of industry-recognized cybersecurity best practices.

- Site Reliability Engineering (SRE) : Understanding and application of SRE principles in a security context.

- Automation Services (scripting) : Proficiency in scripting languages for automating security tasks (e.g., Python, PowerShell).

Desirable Certifications :

- Certified Information Systems Security Professional (CISSP)

- Certified Cloud Security Professional (CCSP)

- Microsoft Certified : Azure Security Engineer Associate

- Certified Information Security Manager (CISM)

- Certified Ethical Hacker (CEH)